Compliance audits should not cause headaches. Learn how GitLab makes compliance simple and friendly.

Team work makes the (DevSecOps) dream work. Here's what you need to know about collaboration.

In our 2020 DevSecOps Survey we uncovered a number of different definitions of 'multicloud.' Here's how to make sense of it all.

Here's how to create an efficient DevSecOps practice and shift your security left.

Our 2020 DevSecOps Survey found testing was the number one reason for release delays, but planning and code reviews were also challenges. Here’s what you need to know.

A quick three minute demo shows how teams can deliver better apps faster using GitLab CI/CD.

Nearly 3700 software pros shared their DevOps successes, failures and thoughts on the future. Here’s what you need to know.

How single application continuous integration helps team automate and collaborate.

Automatically detect and monitor Kubernetes Clusters and deployed applications from the GitLab interface with application performance metrics (APM).

Highlights from our serverless webcast with AWS exploring the Serverless Application Model.

Our senior developer evangelist answers newbie questions about Git.

GitLab Incident Management helps your response teams focus on the problem and shorten the mean time to repair rather than waste time on the process itself.

Citizen developers are creating code without being coders. CEO Sid Sijbrandij and senior PMM Parker Ennis explain the impact on GitLab.

We created a DevSecOps assessment to help your company level up its DevSecOps capabilities.

New in GitLab 12.8, this dashboard helps to simplify the complex process of compliance tracking, right inside GitLab.

CEO Sid Sijbrandij and senior product manager Thao Yeager discuss the easiest way to bring Vault access to GitLab customers. Hint: it involves a minimum viable change.

Google Cloud's Ian Chakeres and Tim Hockin discuss how Kubernetes reduces cloud noise and makes multicloud possible.

Read respondents from 21 countries share their DevOps successes, challenges, and ongoing struggles

Scale your security efforts by understanding and integrating with the DevOps workflow.

Goldman Sachs’ George Grant shares how partnering with GitLab has modernized the development ecosystem.

How we’re improving deployments by limiting pipeline concurrency.

Expert panel from MulticloudCon discusses how CI/CD and cloud-agnostic DevOps help organizations go multicloud.

The challenges of being on-prem and what to consider when shifting to public cloud.

What to consider for a long-term cloud strategy.

Three best practices to bring your projects from DevOps to DevSecOps.

Best practices for making the switch to GitLab CI/CD.

Five challenges and seven best practices to consider for your multicloud strategy.

Speed to launch often comes at the cost of security – but it doesn’t have to. Here are four ways to achieve both.

Can cloud providers (and their tools) ever be cloud agnostic? We discuss GitHub Actions and GitLab CI/CD.

Competitive intelligence manager Mahesh Kumar describes the criteria we use when comparing GitLab to other DevOps tools.

Balance the demands of the business with the need for safe and secure applications.

The UK Dept for Work and Pensions bring security best practices to the forefront of a massive transition to continuous delivery.

We explain the characteristics that define the three levels of DevSecOps maturity.

Why a single application helps to eliminate silos and knowledge gaps.

VP of product strategy Mark Pundsack shares everything you need to know about Auto DevOps.

For all of the customization, plugins sometimes come at a high price.

With new acquisitions and the launch of CloudBees SDM, is Jenkins trying to become another all-in-one?

Discover how to leverage CI/CD for your infrastructure scripts with Terraform and GitLab.

Developers are looking for guidance and standard practices as they take on more security testing responsibilities.

Weighing some of the pros and cons of serverless architecture.

Keep your software development fast and efficient with dependency scanning and auto-remediation.

GitLab Secure is not just for your security team – it’s for developers too. Learn four ways to write secure code with GitLab.

Director of quality engineering Mek Stittri talks test technology and the future of automation at GitLab.

Container adoption is growing, but traditional security methods can’t keep up.

Guest authors from VMware share how to include budget and resource checking into your continuous deployment with Cloudhealth and GitLab.

GitLab Groups and Projects can help teams divide work by product or system.

How GitLab uses autoscaling to reduce build times and make developers happy.

Pairing with a teammate can increase delivery. Here's a look at the pros and cons.

Build compliance into your code to streamline the DevOps lifecycle.

GitLab CEO Sid Sijbrandij and podcast host Maren Kate unpack why venture firms struggle to fund all-remote startups.

Make the most out of Agile development with these technical best practices.

Bolster your code quality with static and dynamic application security testing.

Why we decided to combine version control with CI, and the rise of the single application.

Dive into the history of GitLab's navigation design and learn how GitLab's UX department is making incremental improvements.

How three different teams – Alteryx, ANWB, and EAB – shifted away from Jenkins for smoother sailing with GitLab.

DevOps goes by a lot of different names, but we’ve settled on concurrent DevOps for now at least.

Third-party code is a great resource for businesses, but comes with a number of risks. Explore four ways developers can keep their code secure.

Over 4,000 software professionals shared their DevOps experiences, helping us uncover what they require in order to innovate rapidly.

What to look for when choosing a CI/CD solution for long-term growth.

How GitLab is making a better pipeline with Auto DevOps.

How to measure a successful CI/CD strategy.

How a good CI/CD strategy generates revenue and keeps developers happy.

A small change with a huge impact: Scoped Labels can help teams customize their workflow and speed up delivery.

Want to dump the monolith and get into microservices? Consider these three methods.

Learn how embracing change can help you speed up software delivery.

Dev and Ops working together is a beautiful thing. What is the ideal structure for DevOps to thrive?

Some of the GitLab Manage team have a conversation about staying agile as a company grows.

Moving to GitLab resulted in an 80 percent drop in support tickets and an increase in developer productivity.

If these DevOps challenges hit close to home, the right CI/CD could be the answer.

Learn how to identify waste, invest in long-term growth, and the formula for DevOps nirvana.

Monkton is migrating from a suite of disparate tools to GitLab, enabling them to better help their customers build safe, secure mobile apps.

Protect your software in the cloud by bringing vulnerability testing closer to remediation.

Faster deployments, fewer bugs, better user experiences – see the latest trends in test automation and what they're bringing to the table.

It’s time to shift left: Embed security into your DevOps workflow to increase speed, quality, and efficiency in the SDLC.

There’s no need to be embarrassed — we all have technical debt. Here’s how you pay it off.

How can DevOps help you reduce cycle time?

Four ways organizations can spend less on IT and more on innovation.

How do you keep pace with rapid changes in technology? The answer is continuous improvement.

With every industry facing change at an accelerated pace, how do you quickly deliver value to customers?

We have a new way of looking at cycle time. Let’s talk about it.

How to overcome analysis paralysis and take your digital transformation efforts from theory to practice.

What possibilities could you unlock by just making the choice, committing, and moving forward?

What do you need in order to thrive? From fewer delays in the development process to early detection of security vulnerabilities, we want to identify what you need to move ideas into action.

Break out your sunglasses, because the cloud native forecast for 2019 is sunny.

Here are our top tips, tricks, and not-to-be missed for AWS 2018.

Check out some of the findings that led to our new Product Manager Persona.

The real value of virtual conferences.

Our workflow model streamlines decision making, cultivates trust, and promotes cross-functional collaboration.

Learn how GitLab helps particle physics laboratory CERN manage over 7,000 projects globally

If you’re a little fuzzy on what makes an application cloud native, this explainer will help you get up to speed.

Cybersecurity is a necessity, but it's often treated as an afterthought. What it has in common with modern photography could tell us how to make it less painful to achieve.

GitLab users Jack Cackler and Frank Lee explain how they use predictive analytics to empower community stakeholders, like first responders and policy makers, to save lives.

In this article, we compare GitLab CI with the three Jenkins variants and ask if there are things we can learn.

UX Manager Sarrah Vesselov shares her thoughts on how to design for a developer audience.

Cloud computing is officially where it's at. Find out who's in the lead and how to plan for the future.

Inspiration, persistence, an attitude of continuous improvement – how adopting CI helped this vehicle company implement software over the air.

Switching to GitLab helped a newly minted DevOps engineer grasp the concept of CI/CD.

Gary Gruver, author of "Starting and Scaling DevOps in the Enterprise," shares his thoughts on the role of executives in a DevOps transformation.

How GitLab UX researchers figure out how to turn your feedback into reality.

GitLab's director of product marketing discusses the challenges facing DevOps adoption and other key findings from our 2018 Developer Survey.

Guest author Steve Ropa explains what a Cold War era motto has to do with test automation (seriously) and bringing development and operations closer together.

What makes remote work more conducive to DevOps adoption? Here's a look at one of the findings of our 2018 Global Developer Report.

Realize a faster DevOps lifecycle with these best practices for integration and automation – watch our recent webcast with guest speaker Forrester Senior Analyst Christoper Condo and GitLab Head of Product Mark Pundsack.

How do you assess job satisfaction? Here's a look inside the findings and methods of our Global Developer Report.

We surveyed over 5,000 software professionals to examine current attitudes and perception of the state of culture, workflow, and tooling within IT organizations.

Red Hat’s recent acquisition of CoreOS proves that GitLab’s hybrid cloud strategy is worth the investment.

Why are collaboration woes, shift-left waste, and tooling admin costs still plaguing DevOps?

Guest author Steve Ropa shares his ideal continuous integration processes for catching errors early and shipping the best software possible.

If you’re not using automated testing, your competitors almost certainly are – catch up on our recent webcast to get started.

Take the 2018 Global Developer Survey and be entered to win a Nintendo Switch and GitLab swag.

The Linux Ops team and one of the Development teams at the Government of Nova Scotia introduced DevOps practices to their workflow – find out how they did it and what benefits they're now enjoying.

GitLab first became the standard for self hosting git with two-thirds of the market, then became the next generation CI system, and the next step is creating Auto DevOps.

These are the biggest obstacles preventing developers from getting work done – and how to tackle them.

Brandon Foo, co-founder and CEO of Polymail (YC S16), recently sat down with GitLab CEO Sid Sijbrandij.

Although the learning curve can pose a challenge, teams have a real incentive to transition to Git.

With so many options out there, here's what you need to weigh up when deciding on a CI/CD tool.

More than half of developers say they release code prematurely. What can you do about it?

You've decided to make the move to Git. Now what?

Security is a major concern during the development process — innersourcing can help.

CI/CD frees up your team to spend their time on developing features customers want.

Nearly two-thirds of developers say that chat and collaboration tools are integral to their everyday work. Here’s why.

Find out how we used a continuous approach to release Review Apps early and improve on it in small iterations.

Traditionally, engineers may have been shielded from the "business parts" of the organization. In today’s technology landscape, that’s no longer a viable option.

The way developers work has changed, and they’re opting to leave behind outdated tools.

77% of developers say Continuous Integration is integral to their everyday work – we break down what that means.

Is Kubernetes the way forward? We chatted to Ev Kontsevoy, CEO of Gravitational and unofficial Kubernetes cheerleader, to get the lowdown

New survey examines how modern developers prefer to work.

30 fundraising tips from GitLab CEO Sid Sijbrandij

5 questions a founder asked our founder about applying to YC!

GitLab and Yubico discuss security best practices for Git users.

Learn how Brian uses GitLab Labels for his workflow

The benefits and drawbacks of microservices and how to decide if it is right for your team.

Doing Git Right: The 11 Rules of GitLab Flow

Let’s explore the rise of releasing early and often!

Disclosure: I'm the CEO of GitLab and we compete with GitHub.

We think of ourselves as an open source company. But today paxcoder on Hacker News rightly remarked that calling it an open core company is more accurate.

We ship GitLab CE which is open source and GitLab EE that is closed source. We try to be a good steward of the open source project. GitLab EE is proprietary, closed source code but we try to work in a way similar to GitLab CE: the issue tracker is publicly viewable and the EE license allows modifications.

When we mention that GitLab is available in an open source edition people frequently ask "Isn't GitHub open source?". I understand the confusion between open source hosting and open source software. The hosted service GitHub.com is free for open source projects and it has fundamentally improved open source collaboration. But the software GitHub's service is based on is closed source.

Please note that while we think of ourselves as an open source company it would be more accurate to call it an open core company since we ship both the open source GitLab Community Edition and the close source GitLab Enterprise Edition. Thanks to paxcoder for pointing this out on Hacker News.

[GitLab] began as a labor of love from [Dmitriy Zaporozhets] and [Valery Sizov], who built the first version together in 2011. Like many open source authors, they were only able to work on the project part time. [Sid Sijbrandij] joined forces a year later and created [GitLab.com], the first SaaS offering and first experiment with monetization.

This post is part of a series Celebrating 1,000 Contributors

There are clear benefits to contributing to open-source projects. For starters, you'll solve your own problems more quickly and you will have a positive effect on your favorite projects.

However, the barrier to entry can be high for first-time contributors. Perhaps you feel your coding skills are not up to par, or maybe you aren't a programmer at all. When you do approach a project, you may find the contribution guidelines are unclear, the maintainers are unresponsive, or you may disagree over priorities.

I'll give you some practical advice on overcoming these hurdles. We'll also look at the ways GitLab tries to make contributing easier in our own project.

We always like to hear how our customers are using GitLab. In this post we will share how Charge, a telecommunications company uses GitLab.

Since GitLab Enterprise Edition 8.2 you could sync all changes from a remote repository to one on GitLab.

In GitLab 8.7 we introduced the second part of the mirroring functionality: the ability to push changes to an external repository from GitLab...

In 8.6 we added a feature allowing you to move issues between projects.

If you work on multiple projects, it's possible to accidentally create an issue in the wrong issue tracker. It's a seemingly simple mistake that is easy to miss. Let's say you don't catch it right away and you do a decent amount of work on the wrong project. Now, your "seemingly simple" mistake just became a bigger one. We've all been in this position before. With our 8.6 release, we want to avoid the panic that can come from creating an issue in the wrong project. Now, if you create an issue in the wrong project, you can easily move it to the right one.

In active projects, it can be hard to keep track of issues that are important to you. For example, a project like GitLab has thousands of issues, but you might only be interested in those related to performance.

You can already mention people in GitLab by using someone's @-handle, but as more people join a project, it becomes harder to keep track of who is interested in what.

To solve this, in GitLab 8.6 and up, you can subscribe to a label. Whenever an issue is tagged with the label you subscribed to, you will get a notification. This is irrespective of your notification level to the project.

In this post we'll look at how Stack Overflow uses GitLab.

At GitLab, we’re really proud to support the open source projects which underpin our service. Obviously, Git is a main part of absolutely everything we do. We recently sponsored Git Merge, an event organized by GitHub and sponsored by Atlassian, Bloomberg, Compose, SAP, and of course, GitLab. Even competitive organizations must work together to improve upon and negotiate the direction of key open source software. On the day before Git Merge, we joined the Git Merge Core Contributors Summit to discuss the direction of the project and new developments.

Sytse, Job and Marin attended to represent GitLab and learn more about what is happening in the core Git community. Here are our notes and impressions from this event.

Since GitLab 8.6, in both Community and Enterprise edition, there is a small checkbox available when you create or edit an issue, allowing you to mark an issue as confidential.

In some ways it’s a simple feature, but there are complex considerations. The main point is to keep the confidential issues secure. However, taking care of those considerations caused some problems during development which are typical when you develop a feature for a relatively long time (in this case two weeks). We'll look at that in this feature highlight.

As a Service Engineer I'm in constant contact with customers, listening to their needs, and I've noticed a steadily-increasing interest in SAML from our Enterprise Customers. That inspired me to dive a little deeper into the topic in an effort to improve our integration with SAML and to add better documentation. I hope this helps our customers and our community to better understand this feature.

In this blog post I'll give you an overview of what I've been working on, how it affects GitLab, and what we plan to do with SAML in the future. Our plan is to bring SAML up to par with the features that LDAP offers within GitLab.

In our latest webcast, we looked at highlights from GitLab 8.6.

Our special guest, Douwe Maan, gave us a live demo of the latest features in GitLab 8.6 with a special focus around improved confidentiality. We looked at project configuration and user permissions to start. Douwe followed a typical GitLab workflow to demonstrate new features which make it easier to keep track of what is happening (subscribe to label) and features which save you time (create a new branch from an issue), and more.

If you're new to GitLab, this webcast will give you a good overview of using GitLab, and if you're experienced you get to see the new features in action.

Sign up to our newsletter to make sure you don't miss any of our live webcasts.

I've recently joined GitLab as a Developer Advocate. Part of my role will be traveling to community events where I hope we'll meet in person. I'm also an experienced Ruby developer. As a rubyist, naturally, I've heard about GitLab and even used it couple of times.

The first two weeks working with GitLab have been full of pleasant surprises and dispelled delusions. If you haven't been following GitLab for the last two years, this post is for you.

If you’re interested in an indication of productivity of individual software engineers (programmers), don’t look at commits or other measures of activity. Look at consistent progress instead. In this post we'll consider some ways people evaluate or represent productivity, and I ask for your thoughts on what you track and what you think matters.

We held our first webcast last week, and we’re so delighted you came along. We looked at new features and improvements included in GitLab 8.4. It was excellent to see so many questions from the audience. It gave us ideas for future webcasts too, so keep the feedback coming!

Sign up to our newsletter to find out about the next one.

Please read the up-to-date version of this article!

Developers rely on multiple platforms to manage repositories, depending on client and project needs. They might contribute to a community project on GitHub, while working on one client's on premises GitLab instance and another client's project in Mercurial on Bitbucket. Confusion can arise when you switch between platforms. In this post, we have a handy reference guide to explain some potentially confusing terms, especially if you're new to GitLab.

Some GitLab users who should be celebrating the festive season might be suffering from post-Christmas blues. Maybe you didn’t get everything you wanted for Christmas. We feel partly responsible for that, and we want to make it up to you.

We’re so happy when people contact us to ask for some swag: a sticker, a t-shirt, anything! Then we feel sad because we don’t have a swag shop and we have no way to get people something to show their appreciation. This is a great problem to have: too much love.

So now we’re hard at work to get a swag shop set up. If you want to be the absolute first to know about it, sign up below. Bonus: You’ll be entered into a prize draw for a gift. Good luck!

There's another way to win too.

Since October 2011 we’ve released GitLab each month, without fail, without exceptions. On December 22nd that will be 49 monthly releases, not including patch releases or security releases. In this article I’ll give you an overview of how we release our product and how it helps our team improve process and documentation.

Your release strategy affects how you plan, develop, test, and publish your software. At GitLab we follow a monthly release cycle which works really well for our project. If you’re running an open source distributed software project, you might consider if a predictable time-based release can help your project. You can even get started by using our release cycle documentation as your template.

In GitLab 8.0 we worked hard to refine the UI so it is really enjoyable to use. After the release we received a lot of positive feedback. However, users requested a few customizations to help the UI better fit their daily use. We considered all of this feedback and are happy to share some new user preferences in GitLab 8.1.

Among these new user preferences are the ability to choose between a fluid or fixed width layout and the option to choose activity as the default dashboard instead of the project list.

Code review is very important. You don't want to run the risk of technical debt. Actually doing code review is another matter. Besides the variety of tools and tricks for the act of code review, the timing is vital.

Quora published a great article about maintaining velocity in projects. The article is really great but we think that their post production code review is timed wrong.

Have you ever wondered how GitLab employees use GitLab? Before I worked here, I always wondered how some products are used for their own creation. This actually has a name and it's called dogfooding.

Some months ago I went to an event in Facebook Headquarters and it called my attention that they use Facebook for everything, including registering guests and getting feedback. Most companies have certain technical departments that will work on making everything more “user friendly” or less technical for the rest of the company. In GitLab, we all try to learn how to use our platform and do everything that’s technical ourselves. That allows us to test our product and have more confidence in it.

When I started in the software industry 10 years ago the idea of putting your company's crown jewels (source code) on someone else's infrastructure was preposterous. It was typically the domain of open-source projects or hobby programmers looking to avoid server management, taking backups, etc. Although some services have been around since the late 90's it wasn't until the second half of the last decade that 3rd party code hosting became more acceptable, especially among SME's. There's been a proliferation of providers in the space since.

The advantages of SaaS over on-premises deployments has been written about ad nauseam and there's certainly good reasons why but let's take a moment to highlight some of the reasons why on-premises is not such a bad idea after all.

Say your department has five teams, and each team is running its own code collaboration tool. One of the teams is still using SVN. Other teams have moved on to a Distributed Version Control Solution (DVCS), but the teams all use different solutions.

All the developers are happy at this time. They get to use their own workflow, the one they prefer. The team leads get to manage tools that they are already comfortable with. You don't have to deal with people complaining that their tool sucks.

But underneath all that happiness, trouble slowly brews.

Working on an open source project, we're so lucky to receive many merge -and pull requests. Not unlike dating, we see a number of different git personalities. Do you recognize yourself or one of your colleagues in one of them? Let us know in the comments or tweet about it with #gitlab.

We get asked a lot how GitLab compares to GitHub Enterprise Edition, the version of GitHub that you can run on your own servers. In this post we'll briefly discuss what we see as the advantages of running GitLab Enterprise Edition, our paid version of GitLab. The three main advantages are that GitLab focuses on enterprise needs, is easier to operate and scale and it is more inclusive.

This blog post will give a short overview on how GitLab bugs are handled, and what you can do after you identify a potential bug in GitLab.

The GitLab community differentiates between three different types of bugs:

• Security bugs
• Regression bugs
• Feature bugs

Git is very easy to use and abuse. A single git push --force command can easily ruin the day for a lot of people:

As a result, these [186 Jenkins'] repositories have their branch heads rewinded to point to older commits, and in effect the newer commits were misplaced after the bad git-push.

On November 10, 2013, a Jenkins developer had accidentally forced pushed to 186 repositories, bringing them back two months in time.

The power that Git gives you to change history is great when you're working alone, but potentially disrupting if you're working with others, as shown by a poor Jenkins developer. When you're working with others, not only do you not want to allow git push --force, but before anything is committed to the main repository or branch, the code should be reviewed.

At GitLab we believe that by preventing force pushes and by stimulating code review practices, mistakes can be easily avoided and code quality will improve. To make it easier to work together with code and Git we have created a surprisingly simple permission system, built on top of an elegant authorization method.

The most up to date version of the content of this blog post can be found in our documentation.

Version management with git makes branching and merging much easier than older versioning systems such as SVN. This allows a wide variety of branching strategies and workflows. Almost all of these are an improvement over the methods used before git. But many organizations end up with a workflow that is not clearly defined, overly complex or not integrated with issue tracking systems. Therefore we propose the GitLab flow as clearly defined set of best practices. It combines feature driven development and feature branches with issue tracking.

Organizations coming to git from other version control systems frequently find it hard to develop an effective workflow. This article describes the GitLab flow that integrates the git workflow with an issue tracking system. It offers a simple, transparent and effective way to work with git.

Sometimes you need additional control over pushes to your repository. GitLab already offers protected branches. But there are cases when you need some specific rules like preventing git tag removal or enforcing a special format for commit messages. GitLab Enterprise Edition offers a user-friendly interface for such cases.

For each project you can have unique Git Hooks. You can set them by going to Project settings -> Git Hooks.

GitLab is a massive open source project with over 600 contributors, all working together to create an amazing platform to collaborate on code. Every month on the 22nd, a new version of GitLab is released, and every month new features are added. To make you aware of the power of GitLab, we walk through some of its features in these blog posts.

We start by looking at GitLab Groups. GitLab groups allow you to group projects into directories and give users access to several projects at once.

GitLab has a very powerful issue tracker that integrates completely with the GitLab workflow, allowing you to reference and even close issues with commits. On top of that, you can easily comment on someone's code line by line, integrate GitLab CI,...

360i, the increasingly successful digital media company from the US, agreed to spend some time with us and explain how they're transitioning to GitLab. You can read the case study here.

While moving away from SVN, they chose GitLab because it was...

The awesome git podcast GitMinutes did a GitLab episode where the host Thomas Ferris Nicolaisen interviews our co-founder Sytse Sijbrandij. The history of GitLab, GitLab Shell, Gitlab CI and git tricks are discussed.